Vulnerabilities > Phpspreadsheet Project > Phpspreadsheet > 1.3.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-12-09 | CVE-2020-7776 | Cross-site Scripting vulnerability in PHPspreadsheet Project PHPspreadsheet This affects the package phpoffice/phpspreadsheet from 0.0.0. | 3.5 |
2019-11-07 | CVE-2019-12331 | XXE vulnerability in PHPspreadsheet Project PHPspreadsheet PHPOffice PhpSpreadsheet before 1.8.0 has an XXE issue. | 6.8 |
2018-11-14 | CVE-2018-19277 | XML Injection (aka Blind XPath Injection) vulnerability in PHPspreadsheet Project PHPspreadsheet securityScan() in PHPOffice PhpSpreadsheet through 1.5.0 allows a bypass of protection mechanisms for XXE via UTF-7 encoding in a .xlsx file | 6.8 |